我正在尝试代理运行 ELK 的后端服务器。这是我的环境信息:
root@proxy:~#
root@proxy:~# cat /etc/*release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.1 LTS"
NAME="Ubuntu"
VERSION="18.04.1 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.1 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
root@proxy:~#
root@proxy:~# nginx -v
nginx version: nginx/1.14.0 (Ubuntu)
root@proxy:~#
root@proxy:~# cat /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
root@proxy:~#
root@proxy:~# cat /etc/nginx/conf.d/elk.conf
server {
listen 80;
server_name domain.tld;
return 301 https://$host$request_uri;
}
server {
listen 443 default_server ssl;
server_name domain.tld;
ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem;
location / {
root /usr/share/nginx/html;
index index.html;
}
location /elk {
proxy_pass http://1.2.3.4:5601;
proxy_http_version 1.1;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Proxy-Connection "Keep-Alive";
}
}
root@proxy:~#
使用上述配置,当我转到 https://domain.tld 时,我可以毫无问题地查看我的静态站点,但是当我转到 https://domain.tld/elk 时,我得到 404 未找到。以下是 404 的原始数据:
{"statusCode":404,"error":"Not Found","message":"Not Found"}
以下是标题:
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Date: Fri, 04 Jan 2019 11:42:55 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
cache-control: no-cache
content-encoding: gzip
kbn-name: kibana
kbn-xpack-sig: d39f386737f81acb1fe7cc2cc4d80109
vary: accept-encoding
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.5
Connection: keep-alive
DNT: 1
Host: domain.tld
Referer: https://domain.tld/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0
如果我按这样配置:
root@proxy:~# cat /etc/nginx/conf.d/elk.conf
server {
listen 80;
server_name domain.tld;
return 301 https://$host$request_uri;
}
server {
listen 443 default_server ssl;
server_name domain.tld;
ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem;
location / {
proxy_pass http://1.2.3.4:5601;
proxy_http_version 1.1;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Proxy-Connection "Keep-Alive";
}
}
root@proxy:~#
并转到 https://domain.tld,它将正确代理回 ELK,并且 Kibana 仪表板会正确加载。
一直在修补,在线研究并相应地调整样本,但无法使其按照我想要的方式工作。感谢您的帮助。谢谢!
基本上,您需要进行两项更改才能解决问题。首先,请在 Nginx 服务器块文件中location和proxy_pass指令末尾添加斜杠,如下所示:
location /elk/ {
proxy_pass http://1.2.3.4:5601/;
proxy_http_version 1.1;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Proxy-Connection "Keep-Alive";
}
其次,请取消注释server.basePath设置,并在 kibana.yml 配置文件中给出 /elk 的值:
server.basePath: "/elk"
最后,您必须重新启动 Nginx 和 Kibana,然后再尝试一次。